Bookshelf Home | Contents | Index | Search | PDF | ![]() ![]() ![]() ![]() |
Security Guide for Siebel eBusiness Applications > Configuring for Security: Overview >
Security Roadmap
This section provides an overview of the tasks you can perform to take advantage of Siebel's security resources. Use this as a checklist for setting up security in your Siebel environment.
Each task includes a pointer for more information on how to perform the task. Pointers include references to later sections in this guide as well as to other documents on the Siebel Bookshelf.
- During Siebel software installation, install Resonate Central Dispatch to manage port numbers and provide firewall protection on your network. See Physical Deployment and Auditing and Siebel Server Installation Guide.
- After you install your Siebel site, change the default passwords for Siebel accounts, according to the requirements for your authentication method. See Changing Default Passwords.
- Change the SYSADM password.
- Change the DBO table owner and password.
- Add a password for updating Web server images. See Adding a Password for Updating Web Server Images.
- Make sure communications and important data is encrypted. See Communications and Data Encryption.
- Enable encryption for SISNAPI communications between Siebel components. See Configuring for Encryption.
- Make sure important data such as passwords or credit card numbers are encrypted. See Password Encryption and Business Component Encryption.
- Make sure communication with Siebel Reports Server is secure. See Securing Siebel Reports Server.
- Implement security adapter authentication or Web Single Sign-On to validate users. For more information, see User Authentication Overview.
- Configure the Siebel Web Engine to use HTTPS protocol to transmit user credentials from the browser to the Web server. See Secure Login.
- Require URLs to use HTTPS protocol for some (or all) views in your Siebel applications. See Secure Views.
- Manage database access by creating a single Application User account and encrypt the Application User password. See Application User.
- If you are using Web Single Sign-On, enable X.509 digital certificate authentication and change the default TrustToken setting. See Digital Certificate Authentication.
- For LDAP/ADSI authentication, turn on password syntax check, password expiration, and user account lockout (if available). See Account Policies.
- Set up an access control system to control visibility of data records and views to each individual user. For more information, see Access Control.
- Create an audit trail to monitor database updates and changes. See Auditing for Data Continuity. Also refer to Applications Administration Guide.
- Make sure communications between Mobile Web Clients and your Siebel site are secure.
- Change the DBA password. See Changing the Siebel Local (DBA) Password.
- Enable encryption for Mobile Web Clients. See Mobile Web Client: Encryption for Synchronization.
Also refer to Siebel Remote and Replication Manager Administration Guide.
Bookshelf Home | Contents | Index | Search | PDF | ![]() ![]() ![]() ![]() |
Security Guide for Siebel eBusiness Applications Published: 23 June 2003 |